Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ghostery breaks onBeforeRequest redirects made by other extensions #44

Closed
lidel opened this issue Apr 22, 2018 · 2 comments
Closed

Ghostery breaks onBeforeRequest redirects made by other extensions #44

lidel opened this issue Apr 22, 2018 · 2 comments
Assignees
@christophertino
Labels
Bug Something isn't working

Comments

@lidel
Copy link

lidel commented Apr 22, 2018
edited
Loading

Description

IPFS Companion is a browser extension that enables users to detect content-addressed resources on websites and redirect them to a local IPFS2HTTP gateway (localhost or LAN).

It seems that when Ghostery is enabled and user loads a HTTPS website with content-addressed IPFS resources, Ghostery breaks the gateway redirect by forcing HTTPS even if user chose to use a localhost or LAN gateway exposed on HTTP.

More details: ipfs/ipfs-companion#466

Expected Behavior

Ghostery should detect and respect internal redirects (HTTP 307) made by other extensions.

Note that HTTPS Everywhere does not break the same website.

Actual Behavior

Ghostery always upgrades URL of HTTP 307 to HTTPS, breaking IPFS websites:

2018-04-22-021752_877x973_scrot

Steps to Reproduce

  1. Install ipfs-companion and Ghostery
  2. Open Preferences of ipfs-companion
  3. Set up a working "Custom Gateway" to a HTTP port and IP of a go-ipfs node running on your localhost or in LAN.
  4. Open HTTPS website with content-addressed resources, eg. https://d.tube/#!/v/goingforhealthy/go0fyd9m
  5. Open Console, note network errors caused by URLs starting with https:// instead of redirected http:// (like in this screenshot)

Versions

  • IPFS Companion: 2.2.1
  • Browserify: 8.1.2
  • Browser: Chrome and Firefox
@lidel lidel mentioned this issue Apr 22, 2018
Closed
@lidel lidel changed the title Ghostery breaks webRequest.onBeforeRequest made by other extensions Ghostery breaks onBeforeRequest redirects made by other extensions Apr 22, 2018
@christophertino
Copy link
Contributor

This is most likely coming from Smart Block checking for mixed content. See PolicySmartBlock.js

We had another issue recently where this was breaking SQRL login for the same reason. We need to add a check and allow mixed content from localhost and 127.0.0.1.

@christophertino christophertino self-assigned this Apr 23, 2018
@christophertino christophertino added the Bug Something isn't working label Apr 23, 2018
@lidel
Copy link
Author

lidel commented Apr 23, 2018

Yup, localhost and 127.0.0.1 are safe to whitelist (browsers don't even show a mixed-content warning for 127.0.0.1 eg. Firefox since v55).

christophertino added a commit that referenced this issue Jul 6, 2018
@christophertino
update to localhost check in Smart Block policy. See #44
4dd0050
christophertino pushed a commit that referenced this issue Mar 17, 2021
@benstrumeyer @wlycdgr
Onboarding spreadsheet bugs #38 (GH-2259), #44 (GH-2306), and #45 (GH…
d91b8fc 
…-2305) (#675)

* Expand toggle and select plus plan if user is basic and selects ghostery search

* Make ghostery glow icon bigger in select default search modal

* Move ghostery logo on search option selection container a little to the left

* Remove expansion by default

* Update logo sizes on choose default search view

* Adjust sizing for Yahoo, Startpage, and Bing logos in search selection modals to better match Zeplins

* Increase chance user object is available before choose plan view render. Show expanded view if user picked Glow to match expected UX. Add TODOs so we remember to update AccountReducer to help distinguish between no user present and user not fetched yet

* Factor out option card checkmark item rendering to a helper to reduce duplication.

* Update test snapshots

* Refactor choose plan view plan card feature copy rendering to a helper to reduce duplication

* Factor user status checks in select plan view out to helpers to reduce duplication and bug surface

* Move setting of default plan in plan select view to componentDidMount to avoid using setTimeout to setState in constructor

* Revised setDefaultPlan() logic in ChoosePlanView to make sure everything renders as expected when user is Plus or Premium

Co-authored-by: wlycdgr <ilya.zarembsky@gmail.com>
chrmod added a commit that referenced this issue Jul 28, 2022
@chrmod
Fix: tracker stats should get reset on redirects (#44)
79a9d6d 
`onBeforeNaviagate` denotes that start of the transition chain, while `onCommitted` is bound to the document livecycle. `onCommitted` should also fire on cold starts.
chrmod pushed a commit that referenced this issue Jul 28, 2022
@christophertino
Smart Block: Don't block mixed content from localhost. Fixes #44 and G…
2fd5d6d 
…H-875
chrmod pushed a commit that referenced this issue Jul 28, 2022
@christophertino
update to localhost check in Smart Block policy. See #44
0967ba8
chrmod pushed a commit that referenced this issue Jul 28, 2022
@benstrumeyer @wlycdgr
Onboarding spreadsheet bugs #38 (GH-2259), #44 (GH-2306), and #45 (GH…
106a55c 
…-2305) (#675)

* Expand toggle and select plus plan if user is basic and selects ghostery search

* Make ghostery glow icon bigger in select default search modal

* Move ghostery logo on search option selection container a little to the left

* Remove expansion by default

* Update logo sizes on choose default search view

* Adjust sizing for Yahoo, Startpage, and Bing logos in search selection modals to better match Zeplins

* Increase chance user object is available before choose plan view render. Show expanded view if user picked Glow to match expected UX. Add TODOs so we remember to update AccountReducer to help distinguish between no user present and user not fetched yet

* Factor out option card checkmark item rendering to a helper to reduce duplication.

* Update test snapshots

* Refactor choose plan view plan card feature copy rendering to a helper to reduce duplication

* Factor user status checks in select plan view out to helpers to reduce duplication and bug surface

* Move setting of default plan in plan select view to componentDidMount to avoid using setTimeout to setState in constructor

* Revised setDefaultPlan() logic in ChoosePlanView to make sure everything renders as expected when user is Plus or Premium

Co-authored-by: wlycdgr <ilya.zarembsky@gmail.com>
chrmod added a commit that referenced this issue Jul 28, 2022
@chrmod
Fix: tracker stats should get reset on redirects (#44)
7cfb743 
`onBeforeNaviagate` denotes that start of the transition chain, while `onCommitted` is bound to the document livecycle. `onCommitted` should also fire on cold starts.
chrmod pushed a commit that referenced this issue Jul 29, 2022
@christophertino
Smart Block: Don't block mixed content from localhost. Fixes #44 and G…
c1766d8 
…H-875
chrmod pushed a commit that referenced this issue Jul 29, 2022
@christophertino
update to localhost check in Smart Block policy. See #44
f40370f
chrmod pushed a commit that referenced this issue Jul 29, 2022
@benstrumeyer @wlycdgr
Onboarding spreadsheet bugs #38 (GH-2259), #44 (GH-2306), and #45 (GH…
e8a4736 
…-2305) (#675)

* Expand toggle and select plus plan if user is basic and selects ghostery search

* Make ghostery glow icon bigger in select default search modal

* Move ghostery logo on search option selection container a little to the left

* Remove expansion by default

* Update logo sizes on choose default search view

* Adjust sizing for Yahoo, Startpage, and Bing logos in search selection modals to better match Zeplins

* Increase chance user object is available before choose plan view render. Show expanded view if user picked Glow to match expected UX. Add TODOs so we remember to update AccountReducer to help distinguish between no user present and user not fetched yet

* Factor out option card checkmark item rendering to a helper to reduce duplication.

* Update test snapshots

* Refactor choose plan view plan card feature copy rendering to a helper to reduce duplication

* Factor user status checks in select plan view out to helpers to reduce duplication and bug surface

* Move setting of default plan in plan select view to componentDidMount to avoid using setTimeout to setState in constructor

* Revised setDefaultPlan() logic in ChoosePlanView to make sure everything renders as expected when user is Plus or Premium

Co-authored-by: wlycdgr <ilya.zarembsky@gmail.com>
chrmod added a commit that referenced this issue Jul 29, 2022
@chrmod
Fix: tracker stats should get reset on redirects (#44)
e5448c8 
`onBeforeNaviagate` denotes that start of the transition chain, while `onCommitted` is bound to the document livecycle. `onCommitted` should also fire on cold starts.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@christophertino christophertino

Labels
Bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lidel @christophertino